Case C-484/14, McFadden – a mere conduit?

If a person offers non-password-protected access to the Internet, and an unknown user passes a piece of copyright-infringing music over that Internet connection, then can the person offering the Internet access be absolved of legal liability on the basis that he is but a ‘mere conduit’ under the EU’s ‘E-Commerce’ Directive 2000/31/EC?

Continue reading

Case C-230/14, Weltimmo – regulatory competence over websites

If a Slovakian company runs a website that advertises Hungarian homes for sale, and Hungarian residents submit their personal data to the company’s website server, then in the event of the Slovakian company breaching data protection laws, does the Hungarian Data Protection Authority retain any regulatory competence to ensure that Hungarian data protection law is complied with? Or should the Hungarian Authority simply have requested its Slovakian counterpart to take action against the Slovakian company?

Continue reading

Case C-362/14, Schrems – does a ‘safe harbour’ shelter states that deprive EU citizens of their EU Charter rights?

If the EU Commission deems a non-EU state to be a ‘safe harbour’ for the purposes of data processing, then personal data about EU citizens can be sent to companies in that non-EU state. This is not new. For example, in 2000 the EU Commission had decided that the USA was a ‘safe harbour’. However, in 2013 Edward Snowden made a series of revelations concerning the USA’s blanket interception of Internet and telecoms systems. These revelations have generated a question of EU law. Namely, can an EU Member State’s national data protection regulator now disregard the EU Commission’s finding that the USA is a ‘safe harbour’, and do so on the basis that the USA’s laws and practices do not adequately protect and respect an EU citizen’s EU Charter rights to privacy and data protection?

Continue reading

Case C-362/14, Schrems – does a ‘safe harbour’ shelter states that deprive EU citizens of their EU Charter rights?

If the EU Commission deems a non-EU state to be a ‘safe harbour’ for the purposes of data processing, then personal data about EU citizens can be sent to companies in that non-EU state. This is not new. For example, in 2000 the EU Commission had decided that the USA was a ‘safe harbour’. However, in 2013 Edward Snowden made a series of revelations concerning the USA’s blanket interception of Internet and telecoms systems. These revelations have generated a question of EU law. Namely, can an EU Member State’s national data protection regulator now disregard the EU Commission’s finding that the USA is a ‘safe harbour’, and do so on the basis that the USA’s laws and practices do not adequately protect and respect an EU citizen’s EU Charter rights to privacy and data protection?

Continue reading

Case C-74/14, Eturas – computerised cartels and limits on price discounts

In Lithuania, a travel agency ran a computerised online travel system which offered customers various package tours. However, when it came to offering customers discounts on the price of their holiday, the computer system put a ceiling on the maximum amount of discount which a customer could be offered. It was a computerised booking system that was used by many travel agents. Is this not an example of price-fixing among members of a concerted practice and thus contrary to Article 101 TFEU?

Continue reading

Case C-30/14, Ryanair – grounding a go compare an airfare website

Price-comparison websites in the EU are often lawful because the websites they take their information from are databases frequently unprotected by either copyright or the ‘sui generis’ right enshrined in the EU’s Database Directive 96/9/EC. This is true of Ryanair’s website. But Ryanair’s website is however protected by a plank of deviant Dutch ‘copyright’ law. In this case, a Dutch website that compares the price of airfares is seeking to rely on a Dutch exception to the Dutch ‘copyright’ rule, an exception that corresponds to one found in the EU’s Database Directive. The legal question has become whether the Directive applies to all databases and thus websites – even the unprotected ones – and, if so, whether the price-comparison website qualifies as a ‘lawful user’, who does not need to obtain Ryanair’s consent to use Ryanair’s website.

Continue reading